I use "curl -I https://[website]" command to retrieve the header of the website to check whether PHP information is included in the header and I encountered this error because SSL is being turned on at my website.
curl: (60) SSL certificate problem: unable to get local issuer certificate More details here: http://curl.haxx.se/docs/sslcerts.html curl performs SSL certificate verification by default, using a "bundle" of Certificate Authority (CA) public keys (CA certs). If the default bundle file isn't adequate, you can specify an alternate file using the --cacert option. If this HTTPS server uses a certificate signed by a CA represented in the bundle, the certificate verification probably failed due to a problem with the certificate (it might be expired, or the name might not match the domain name in the URL). If you'd like to turn off curl's verification of the certificate, use the -k (or --insecure) option.
To fix this problem, I download the certification provider file from "http://curl.haxx.se/ca/cacert.pem" and rename it to become "curl-ca-bundle.crt". Put this file in the same folder as your curl.exe or C:\windows\system32 folder, run "curl -I https://[website]" command again, you will be able to get details as described below
HTTP/1.1 200 OK Date: Thu, 24 Apr 2014 07:48:22 GMT Server: Apache/2.2.15 (Red Hat) X-Powered-By: PHP/5.3.3 Set-Cookie: PHPSESSID=lim3eoqjrs75cnn72tk2pdp910; path=/ Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Set-Cookie: SMP_PERMAUTH=deleted; expires=Wed, 24-Apr-2013 07:48:21 GMT Connection: close Content-Type: text/html; charset=UTF-8
Through the details as described above, "X-Powered-By: PHP/5.3.3" prove that "expose_php" parameter has not turned off.